Reject filenames beginning with '-' (security concern).

src/sbbs3/ftpsrvr.c

@@ -4123,7 +4123,8 @@ static void ctrl_thread(void* arg)
 					sockprintf(sock,"553 Insufficient access.");
 					continue;
 				}
-				if(strcspn(p,ILLEGAL_FILENAME_CHARS)!=strlen(p)
+				if(*p=='-'
+					|| strcspn(p,ILLEGAL_FILENAME_CHARS)!=strlen(p)
 					|| trashcan(&scfg,p,"file")) {
 					lprintf(LOG_WARNING,"%04d !ILLEGAL FILENAME ATTEMPT by %s: %s"
 						,sock,user.alias,p);
@@ -4649,7 +4650,7 @@ void DLLCALL ftp_server(void* arg)
 			return;
 		}
 
-		lprintf(LOG_DEBUG,"%04d FTP socket opened",server_socket);
+		lprintf(LOG_DEBUG,"%04d FTP Server socket opened",server_socket);
 
 		/*****************************/
 		/* Listen for incoming calls */
@@ -4782,6 +4783,10 @@ void DLLCALL ftp_server(void* arg)
 			served++;
 		}
 
+#ifdef _DEBUG
+		lprintf(LOG_DEBUG,"0000 server_socket: %d",server_socket);
+		lprintf(LOG_DEBUG,"0000 terminate_server: %d",terminate_server);
+#endif
 		if(active_clients) {
 			lprintf(LOG_DEBUG,"0000 Waiting for %d active clients to disconnect...", active_clients);
 			start=time(NULL);